Monday, April 14, 2008

Ars Technica recently covered Panda's malware report for Q1 2008 - and they note that Panda makes a surprising prediction that boot sector viruses will become more popular again.

Panda's list is interesting - they mention mobile phone and device viruses, a market which has had AV solutions for quite a while, but which hasn't seen a real widespread threat. They also cover the Storm worm, which has been one of the most visible and largest of the recent widespread viruses. Then, surprising to both myself and the Ars Technica writing staff, they spend quite a few pages covering boot sector viruses.

Many newer IT workers likely haven't dealt with boot sector viruses - they haven't been a serious mainstream threat in almost a decade. We're used to seeing worms, and email borne viruses, and even those haven't been a major threat to most organizations since company wide AV, mail server malware filtering, and firewalling became common.

Will we see boot sector viruses make a comeback? My feeling is that it won't make a significant comeback in most organizations. Social networks, browser exploits, and social engineering seem likely to remain our highest threats, as widespread AV use and better network layer protections are making user interaction a more common requirement for the spread of malware. I also expect to see more viruses spread by removable devices and via wireless, both 802.11 and Bluetooth.